Automate intelligence ingestion across your operational grid.
Programmatic REST access is strictly limited to authenticated Enterprise environments. Requests must include an active API token in the authorization header.
Authorization: Bearer tp_live_xxxxxxxxxxxxxxxxx
The fastest ingestion path. The ThreatPulse engine pushes JSON payloads directly to your PagerDuty (Events API v2), Jira Cloud, SIEM, or Slack/Discord endpoints within 300ms of a standard deviation anomaly trigger.
{
"timestamp": "2026-06-25T14:32:01Z",
"radar_node": "Dark Web Malware DB",
"severity_metric": {
"z_score": 3.42,
"volume_spike_pct": 185.4,
"statistical_threshold_met": true
},
"llm_analysis": {
"threat_summary": "Extracted indicators show emerging zero-day distribution...",
"mitre_tags": ["Zero-Day", "Credential Leak"],
"targets": ["Aviation", "Energy"]
},
"routing": {
"pagerduty_routing_key": "YOUR_INTEGRATION_KEY",
"jira_project_key": "SEC-OPS"
}
}
Query the analytical datastore for historical trends, specific adversary nodes, or brand-specific vulnerabilities.
/v1/intel/anomalies
Fetch paginated threat anomalies. Required query parameters: